<?php

     // Resume the PHP session, then pull in the shared bootstrap. The globals used
     // below ($DB, $SF, $Smarty, $db_prefix, $member_permission, $groupper_row) are
     // not defined in this file, so presumably common.php provides them -- confirm.
     session_start();
     include 'common.php';

    if (session_is_registered(MySBB_Admin_username) and $member_permission == 1)
    {

// **  **

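         // Authorisation gate for the whole group manager: the operator's own group
         // row must carry the admincp_membergroup flag before any action below runs.
         if ($groupper_row['admincp_membergroup'] != 1)
         {
             $SF->error('المعذره .. هذه الميزه غير متاحه لك !');

             // Whether $SF->error() ends the request is not visible in this file.
             // Stop explicitly so the add/edit/delete actions below can never run for
             // an operator who lacks the flag; unreachable if error() already exits.
             exit;
         }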

// **  **

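         // Create a member group (add=1): index=1 renders the form, start=1 stores the
         // submitted group and seeds one sectiongroup row per section from it.
         if ($_GET['add'] == 1)
         {
             if ($_GET['index'] == 1)
             {
                 $SF->Make_cplink_path("<a href='usergroup.php?main=1'>المجموعات</a> -> اضافة مجموعه");
                 $Smarty->display('usergroup_add.tpl');
             }

             if ($_GET['start'] == 1)
             {
                 if (empty($_POST['T1']) or empty($_POST['T2']) or empty($_POST['T3']))
                 {
                     $SF->error('يرجى تعبئة كافة المعلومات');

                     // Do not fall through to the INSERT if error() returns to the caller.
                     exit;
                 }

                 // NOTE(review): no anti-forgery token is checked in this file before
                 // this state change -- confirm common.php enforces one.

                 // Numeric columns => form field, for the columns whose field name differs.
                 $int_fields = array(
                     'forum_team'       => 'D1',
                     'banned'           => 'D2',
                     'view_section'     => 'D3',
                     'download_attach'  => 'D4',
                     'upload_attach'    => 'D5',
                     'write_subject'    => 'D6',
                     'write_reply'      => 'D7',
                     'edit_own_subject' => 'D8',
                     'edit_own_reply'   => 'D9',
                     'del_own_subject'  => 'D10',
                     'del_own_reply'    => 'D11',
                     'write_poll'       => 'D12',
                     'vote_poll'        => 'D13',
                     'use_pm'           => 'D14',
                     'send_pm'          => 'D15',
                     'resive_pm'        => 'D16',
                     'max_pm'           => 'T4',
                     'admincp_allow'    => 'D17',
                     'search_allow'     => 'D18',
                     'memberlist_allow' => 'D19',
                     'vice'             => 'group_vice',
                     'show_hidden'      => 'hide',
                 );

                 // Numeric columns whose form field carries the column's own name.
                 // 'close_subject' was previously read from the key 'close_subject '
                 // (trailing space), which no form field can match, so the flag was
                 // always stored empty.
                 $same_name_fields = array(
                     'min_send_pm', 'sig_allow', 'sig_len', 'group_mod',
                     'del_subject', 'del_reply', 'edit_subject', 'edit_reply',
                     'stick_subject', 'unstick_subject', 'move_subject', 'close_subject',
                     'usertitle_change', 'onlinepage_allow', 'allow_see_offstyles',
                     'admincp_section', 'admincp_option', 'admincp_member',
                     'admincp_membergroup', 'admincp_membertitle', 'admincp_admin',
                     'admincp_adminstep', 'admincp_subject', 'admincp_database',
                     'admincp_fixup', 'admincp_ads', 'admincp_template',
                     'admincp_adminads', 'admincp_attach', 'admincp_page',
                     'admincp_block', 'admincp_style', 'admincp_toolbox',
                     'admincp_smile', 'admincp_icon', 'admincp_avater',
                     'admincp_contactus', 'group_order', 'upload_attach_num',
                 );

                 foreach ($same_name_fields as $same_name)
                 {
                     $int_fields[$same_name] = $same_name;
                 }

                 // NOTE(review): title, username_style and user_title are free text and
                 // still reach the query exactly as submitted. Whether common.php or
                 // magic_quotes_gpc escapes them is not visible here -- confirm, and
                 // pass them through the DB layer's own escaping if not.
                 $columns = array('id', 'title', 'username_style', 'user_title');
                 $values  = array(
                     "'NULL'",
                     "'" . $_POST['T1'] . "'",
                     "'" . $_POST['T2'] . "'",
                     "'" . $_POST['T3'] . "'",
                 );

                 // Every remaining column is cast to an integer, so the request cannot
                 // place SQL syntax into these values. This file compares such flags
                 // numerically (== 1, > 0); confirm against the schema that every column
                 // listed above is an integer column.
                 foreach ($int_fields as $column => $field)
                 {
                     $columns[] = $column;
                     $values[]  = "'" . (isset($_POST[$field]) ? intval($_POST[$field]) : 0) . "'";
                 }

                 $insert = $DB->sql_query("INSERT INTO " . $db_prefix . "group ( " . implode(' , ', $columns) . " ) VALUES (" . implode(',', $values) . ")");

                 $id = $DB->sql_insert_id($insert);

                 if ($insert)
                 {
                     $groupinfo_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "group WHERE id='" . intval($id) . "'");
                     $groupinfo_row   = $DB->sql_fetch_array($groupinfo_query);

                     // Per-section permissions start as a copy of the group's defaults.
                     // The copied values are the same for every section, so build them once.
                     $copied_columns = array(
                         'view_section', 'download_attach', 'write_subject', 'write_reply',
                         'upload_attach', 'edit_own_subject', 'edit_own_reply',
                         'del_own_subject', 'del_own_reply', 'write_poll', 'vote_poll',
                     );

                     $copied_values = array();
                     foreach ($copied_columns as $column)
                     {
                         $copied_values[] = "'" . intval($groupinfo_row[$column]) . "'";
                     }

                     $getsection = $DB->sql_query("SELECT * FROM " . $db_prefix . "section");

                     while ($section_row = $DB->sql_fetch_array($getsection))
                     {
                         $insert_sectiongroup = $DB->sql_query("INSERT INTO " . $db_prefix . "sectiongroup
                                                (id,section_id,group_id," . implode(',', $copied_columns) . ")
                                                VALUES ('NULL','" . intval($section_row['id']) . "','" . intval($groupinfo_row['id']) . "'," . implode(',', $copied_values) . ")");
                     }

                     $updategroup  =  $SF->UpdateSectionGroupArray();

                     if ($updategroup)
                     {
                         $SF->msg('تم اضافة المجموعه بنجاح !');
                         $SF->go_to('usergroup.php?main=1',2);
                     }
                 }
             }
         }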

// **  **

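         // Group list (main=1): hand every row of the group table to the template.
         if ($_GET['main'] == 1)
         {
             $SF->Make_cplink_path('المجموعات');
             $getgroup_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "group ORDER BY id ASC");

             $getgroup_rows = array();
             while ($getgroup_row = $DB->sql_fetch_array($getgroup_query))
             {
                 $getgroup_rows[] = $getgroup_row;
             }

             // Assign once, after the loop, instead of re-assigning on every row; the
             // template now also receives an (empty) array when the table has no rows.
             // NOTE(review): rows are passed as stored; any HTML escaping of titles
             // has to happen in usergroup_main.tpl -- confirm.
             $Smarty->assign('getgroup_rows',$getgroup_rows);

             $Smarty->display('usergroup_main.tpl');
         }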

// **  **

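         // Edit a member group (edit=1): index=1 renders the form for ?id=, start=1
         // writes the submitted values back to that group row.
         if ($_GET['edit'] == 1)
         {
             if ($_GET['index'] == 1)
             {
                 $getgroupinfo_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "group WHERE id='" . intval($_GET['id']) . "'");
                 $getgroupinfos_row  = $DB->sql_fetch_array($getgroupinfo_query);

                 // Only the angle brackets are encoded for the form.
                 // NOTE(review): if usergroup_edit.tpl places this value inside a quoted
                 // attribute, quotes and '&' need encoding as well -- confirm in the template.
                 $username_style = $getgroupinfos_row['username_style'];
                 $username_style = str_replace('>', '&gt;', $username_style);
                 $username_style = str_replace('<', '&lt;', $username_style);

                 // NOTE(review): the stored title is concatenated into breadcrumb HTML
                 // as-is; confirm titles are escaped when stored or by Make_cplink_path().
                 $SF->Make_cplink_path("<a href='usergroup.php?main=1'>المجموعات</a> -> تحرير المجموعه : " . $getgroupinfos_row['title']);

                 $Smarty->assign_by_ref('getgroupinfos_row',$getgroupinfos_row);
                 $Smarty->assign('username_style',$username_style);

                 $Smarty->display('usergroup_edit.tpl');
             }

             if ($_GET['start'] == 1)
             {
                 if (empty($_POST['T1']) or empty($_POST['T2']) or empty($_POST['T3']))
                 {
                     $SF->error('يرجى تعبئة كافة المعلومات');

                     // Do not fall through to the UPDATE if error() returns to the caller.
                     exit;
                 }

                 // NOTE(review): no anti-forgery token is checked in this file before
                 // this state change -- confirm common.php enforces one.
                 // NOTE(review): this form sets every admincp_* flag of any group, so
                 // holding admincp_membergroup is enough to grant all other admin
                 // rights -- confirm that is the intended privilege model.

                 // Numeric columns => form field, for the columns whose field name differs.
                 $int_fields = array(
                     'forum_team'       => 'D1',
                     'banned'           => 'D2',
                     'view_section'     => 'D3',
                     'download_attach'  => 'D4',
                     'upload_attach'    => 'D5',
                     'write_subject'    => 'D6',
                     'write_reply'      => 'D7',
                     'edit_own_subject' => 'D8',
                     'edit_own_reply'   => 'D9',
                     'del_own_subject'  => 'D10',
                     'del_own_reply'    => 'D11',
                     'write_poll'       => 'D12',
                     'vote_poll'        => 'D13',
                     'use_pm'           => 'D14',
                     'send_pm'          => 'D15',
                     'resive_pm'        => 'D16',
                     'max_pm'           => 'T4',
                     'admincp_allow'    => 'D17',
                     'search_allow'     => 'D18',
                     'memberlist_allow' => 'D19',
                     'vice'             => 'group_vice',
                     'show_hidden'      => 'hide',
                 );

                 // Numeric columns whose form field carries the column's own name.
                 $same_name_fields = array(
                     'download_attach_number', 'min_send_pm', 'sig_allow', 'sig_len',
                     'group_mod', 'del_subject', 'del_reply', 'edit_subject', 'edit_reply',
                     'stick_subject', 'unstick_subject', 'move_subject', 'close_subject',
                     'view_usernamestyle', 'usertitle_change', 'onlinepage_allow',
                     'allow_see_offstyles',
                     'admincp_section', 'admincp_option', 'admincp_member',
                     'admincp_membergroup', 'admincp_membertitle', 'admincp_admin',
                     'admincp_adminstep', 'admincp_subject', 'admincp_database',
                     'admincp_fixup', 'admincp_ads', 'admincp_template',
                     'admincp_adminads', 'admincp_attach', 'admincp_page',
                     'admincp_block', 'admincp_style', 'admincp_toolbox',
                     'admincp_smile', 'admincp_icon', 'admincp_avater',
                     'admincp_contactus', 'group_order', 'upload_attach_num',
                 );

                 foreach ($same_name_fields as $same_name)
                 {
                     $int_fields[$same_name] = $same_name;
                 }

                 // NOTE(review): the three free-text columns still reach the query
                 // exactly as submitted. Whether common.php or magic_quotes_gpc escapes
                 // them is not visible here -- confirm, and pass them through the DB
                 // layer's own escaping if not.
                 $assignments = array(
                     "title='" . $_POST['T1'] . "'",
                     "username_style='" . $_POST['T2'] . "'",
                     "user_title='" . $_POST['T3'] . "'",
                 );

                 // Every remaining column is cast to an integer, so the request cannot
                 // place SQL syntax into these values. This file compares such flags
                 // numerically (== 1, > 0); confirm against the schema that every column
                 // listed above is an integer column.
                 foreach ($int_fields as $column => $field)
                 {
                     $assignments[] = $column . "='" . (isset($_POST[$field]) ? intval($_POST[$field]) : 0) . "'";
                 }

                 $update = $DB->sql_query("UPDATE " . $db_prefix . "group SET " . implode(', ', $assignments) . " WHERE id = '" . intval($_GET['id']) . "'");

                 if ($update)
                 {
                     $SF->msg('تم التحديث بنجاح !');
                     $SF->go_to('usergroup.php?main=1',2);
                 }
             }
         }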

// **  **

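         // Section overview (section=1&index=1): list sub-sections and main sections
         // separately so the operator can pick one whose group permissions to edit.
         if ($_GET['section'] == 1)
         {
             if ($_GET['index'] == 1)
             {
                 $SF->Make_cplink_path("<a href='usergroup.php?main=1'>المجموعات</a> -> تحرير مجموعات الاقسام");

                 // Rows whose main_section flag is not 1.
                 $section_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "section WHERE main_section<>'1' ORDER BY sort ASC");

                 $sections_row = array();
                 while ($section_row = $DB->sql_fetch_array($section_query))
                 {
                     $sections_row[] = $section_row;
                 }

                 // Rows whose main_section flag is 1.
                 $mainsection_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "section WHERE main_section='1' ORDER BY sort ASC");

                 $mainsection_rows = array();
                 while ($mainsection_row = $DB->sql_fetch_array($mainsection_query))
                 {
                     $mainsection_rows[] = $mainsection_row;
                 }

                 // Assign each list once, after its loop, instead of on every row; the
                 // template now also receives empty arrays when a query returns nothing.
                 $Smarty->assign('sections_row',$sections_row);
                 $Smarty->assign('mainsection_rows',$mainsection_rows);

                 $Smarty->display('usergroup_main_section.tpl');
             }
         }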

// **  **

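         // Groups of one section (show_group=1&index=1&id=): load the section, then the
         // group row behind each of its sectiongroup entries, and render the list.
         if ($_GET['show_group'] == 1)
         {
             if ($_GET['index'] == 1)
             {
                 $section_id = intval($_GET['id']);

                 $section_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "section WHERE id='" . $section_id . "'");
                 $section_row   = $DB->sql_fetch_array($section_query);

                 // NOTE(review): the stored section title is concatenated into breadcrumb
                 // HTML as-is; confirm it is escaped when stored or by Make_cplink_path().
                 $SF->Make_cplink_path("<a href='usergroup.php?main=1'>المجموعات</a> -> تحرير مجموعات القسم : " . $section_row['title']);

                 $group_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "sectiongroup WHERE section_id='" . $section_id . "'");

                 $groupinfo_rows = array();
                 while ($group_row = $DB->sql_fetch_array($group_query))
                 {
                     // group_id comes back from the database, but it is still cast before
                     // being placed in the next query so a non-numeric stored value
                     // cannot alter the statement.
                     $groupinfo_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "group WHERE id='" . intval($group_row['group_id']) . "'");

                     while ($groupinfo_row = $DB->sql_fetch_array($groupinfo_query))
                     {
                         $groupinfo_rows[] = $groupinfo_row;
                     }
                 }

                 // Assign once, after both loops, instead of on every fetched row.
                 $Smarty->assign('groupinfo_rows',$groupinfo_rows);

                 if ($section_row['main_section'] == 1)
                 {
                     $Smarty->assign('main_section','&main_section=1');
                 }

                 $Smarty->assign_by_ref('section_row',$section_row);
                 $Smarty->display('usergroup_show_section_group.tpl');
             }
         }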

// **  **

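         // Permissions of one group inside one section (show_per=1&gid=&sid=):
         // index=1 renders the form, start=1 saves a normal section's permissions,
         // main_section_start=1 saves view_section for a main section and the
         // sections listed under it.
         if ($_GET['show_per'] == 1)
         {
             // Both ids end up in SQL and in the redirect URL. Cast them once here so
             // every use below gets an integer; the main_section_start branch
             // previously passed the raw request values to both.
             $gid = isset($_GET['gid']) ? intval($_GET['gid']) : 0;
             $sid = isset($_GET['sid']) ? intval($_GET['sid']) : 0;

             if ($_GET['index'] == 1)
             {
                 $getgroupinfos_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "sectiongroup WHERE group_id='" . $gid . "' AND section_id='" . $sid . "'");
                 $getgroupinfos_row   = $DB->sql_fetch_array($getgroupinfos_query);

                 $Smarty->assign_by_ref('getgroupinfos_row',$getgroupinfos_row);

                 $SF->Make_cplink_path("<a href='usergroup.php?main=1'>المجموعات</a> -> تحرير مجموعات القسم");

                 if ($_GET['main_section'] == 1)
                 {
                     $Smarty->display('usergroup_show_main_per.tpl');
                 }
                 else
                 {
                     $Smarty->display('usergroup_show_per.tpl');
                 }
             }

             if ($_GET['start'] == 1)
             {
                 // sec_section is stored as the inverse of "view allowed" (D3 > 0).
                 $sec_section = ($_POST['D3'] > 0 ? 0 : 1);
                 $update0 = $DB->sql_query("UPDATE `".$db_prefix."section` SET `sec_section`='".$sec_section."' WHERE `id`='".$sid."'");

                 // Permission column => form field. Each value is cast to an integer so
                 // the request cannot place SQL syntax into the statement; D3 is already
                 // compared numerically above. Confirm against the schema that all of
                 // these are integer columns.
                 $int_fields = array(
                     'view_section'     => 'D3',
                     'download_attach'  => 'D4',
                     'upload_attach'    => 'D5',
                     'write_subject'    => 'D6',
                     'write_reply'      => 'D7',
                     'edit_own_subject' => 'D8',
                     'edit_own_reply'   => 'D9',
                     'del_own_subject'  => 'D10',
                     'del_own_reply'    => 'D11',
                     'write_poll'       => 'D12',
                     'vote_poll'        => 'D13',
                 );

                 $assignments = array();
                 foreach ($int_fields as $column => $field)
                 {
                     $assignments[] = $column . "='" . (isset($_POST[$field]) ? intval($_POST[$field]) : 0) . "'";
                 }

                 $update = $DB->sql_query("UPDATE " . $db_prefix . "sectiongroup SET " . implode(', ', $assignments) . " WHERE group_id='" . $gid . "' AND section_id='" . $sid . "'");

                 if ($update and $update0)
                 {
                     $SF->UpdateForumsArray();

                     $updategroup  =  $SF->UpdateSectionGroupArray();
                     if ($updategroup)
                     {
                         $SF->msg('تم التحديث بنجاح !');
                         $SF->go_to('usergroup.php?show_per=1&index=1&gid=' . $gid . '&sid=' . $sid,2);
                     }
                 }
             }

             if ($_GET['main_section_start'] == 1)
             {
                 $sec_section  = ($_POST['D3'] > 0 ? 0 : 1);
                 $view_section = intval($_POST['D3']);

                 $update0 = $DB->sql_query("UPDATE `".$db_prefix."section` SET `sec_section`='".$sec_section."' WHERE `id`='".$sid."'");

                 // The main section's own row first ...
                 $update = $DB->sql_query("
                           UPDATE " . $db_prefix . "sectiongroup SET
                           view_section='" . $view_section . "'
                           WHERE group_id='" . $gid . "' AND section_id='" . $sid . "'");

                 // ... then the same view_section value for every section whose
                 // from_main_section points at it.
                 $getsection_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "section WHERE from_main_section='" . $sid . "'");
                 while ($getsection_row = $DB->sql_fetch_array($getsection_query))
                 {
                     $update1 = $DB->sql_query("
                     UPDATE " . $db_prefix . "sectiongroup SET
                     view_section='" . $view_section . "'
                     WHERE group_id='" . $gid . "' AND section_id='" . intval($getsection_row['id']) . "'");
                 }

                 if ($update and $update0)
                 {
                     $SF->UpdateForumsArray();

                     $updategroup  =  $SF->UpdateSectionGroupArray();

                     if ($updategroup)
                     {
                         $SF->msg('تم التحديث بنجاح !');
                         $SF->go_to('usergroup.php?show_per=1&index=1&gid=' . $gid . '&sid=' . $sid . '&main_section=1',2);
                     }
                 }
             }
         }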

// **  **

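         // Delete a member group (del=1&id=): step=1 asks what to do with the group's
         // members, step=2 moves or deletes them and then removes the group row.
         if ($_GET['del'] == 1)
         {
             if ($_GET['step'] == 1)
             {
                 $id = intval($_GET['id']);

                 $SF->html('<div align="center" dir="rtl">');
                 $SF->html('<p>سوف يتم حذف المجموعه , ماذا عن الاعضاء في المجموعه ؟</p>');

                 // Every group except the one being deleted is offered as a target.
                 $getgroup_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "group WHERE id<>'" . $id . "'");

                 $SF->html('<form action="usergroup.php?del=1&step=2&id=' . $id . '" method="post">
                            <select size="1" name="member_do" style="font-family: Tahoma; font-size: 8pt" dir="rtl">
                            <option value="1">نقلهم إلى</option>
                            <option value="2">حذف الاعضاء</option>
                            </select>
                            <select size="1" name="new_group" style="font-family: Tahoma; font-size: 8pt" dir="rtl">');

                 while ($getgroup_row = $DB->sql_fetch_array($getgroup_query))
                 {
                     // Titles are operator-supplied text read back from the database, so
                     // they are HTML-encoded here rather than written out as stored.
                     // NOTE(review): if titles are stored already encoded this will
                     // double-encode them -- confirm how they are stored.
                     $SF->html('<option value="' . intval($getgroup_row['id']) . '">' . htmlspecialchars($getgroup_row['title']) . '</option>');
                 }

                 $SF->html('</select>
                            <input type="submit" value="موافق" style="font-family: Tahoma; font-size: 8pt" dir="rtl">
                            </form>');

                 $SF->html('</div>');
             }
             elseif ($_GET['step'] == 2)
             {
                 $id        = intval($_GET['id']);
                 $member_do = isset($_POST['member_do']) ? intval($_POST['member_do']) : 0;
                 $new_group = isset($_POST['new_group']) ? intval($_POST['new_group']) : 0;

                 // NOTE(review): no anti-forgery token is checked in this file before
                 // this destructive action -- confirm common.php enforces one.

                 // Require an explicit choice from the step-1 form. Previously the group
                 // row was deleted even when no choice was submitted, which left its
                 // members pointing at a group that no longer exists.
                 if ($member_do != 1 and $member_do != 2)
                 {
                     $SF->error('يرجى تعبئة كافة المعلومات');
                     exit;
                 }

                 // A move needs a target other than the group being deleted.
                 // NOTE(review): that the target group exists is not verified here.
                 if ($member_do == 1 and ($new_group <= 0 or $new_group == $id))
                 {
                     $SF->error('يرجى تعبئة كافة المعلومات');
                     exit;
                 }

                 if ($member_do == 1)
                 {
                     $update = $DB->sql_query("UPDATE " . $db_prefix . "member SET usergroup='" . $new_group . "' WHERE usergroup='" . $id . "'");

                     if ($update)
                     {
                         $SF->msg('تم تحويل الاعضاء إلى المجموعه المطلوبه');
                     }
                 }
                 else
                 {
                     $getmember_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "member WHERE usergroup='" . $id . "'");
                     while ($getmember_row = $DB->sql_fetch_array($getmember_query))
                     {
                         // NOTE(review): the row's member_id is placed in the statement
                         // unescaped and matched against the id column. Confirm that the
                         // member table has a member_id column and that it is numeric;
                         // if it is, cast it with intval() like the other ids in this file.
                         $del_member = $DB->sql_query("DELETE FROM " . $db_prefix . "member WHERE id='" . $getmember_row['member_id'] . "'");

                         if ($del_member)
                         {
                             $SF->msg('تم حذف العضو ' . htmlspecialchars($getmember_row['member_id']));
                         }
                     }
                 }

                 $del = $DB->sql_query("DELETE FROM " . $db_prefix . "group WHERE id='" . $id . "'");

                 if ($del)
                 {
                     $SF->msg('تم حذف المجموعه بنجاح');

                     // Every other redirect in this file goes through go_to(url, delay);
                     // this one called goto(), which is also a reserved word from
                     // PHP 5.3 on. NOTE(review): confirm go_to() is the intended helper.
                     $SF->go_to('usergroup.php?main=1',2);
                 }
             }
         }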

// **  **

    }

?>